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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the amendment filed on May 1 1 , 2006. Claims 1-20 
are currently pending in the application. 

Response to Arguments 

2. Applicant's arguments filed May 1 1 , 2006 have been fully considered but they are 
not persuasive for the following reasons: 

Regarding claim 1, the Applicant argues that the Cited Prior Art, Foth (U.S. 
Patent Publication No. US 2003/0068045), states that the printer does not communicate 
with the data repository and that Foth teaches away from the use of delegation 
credentials. These arguments are not found persuasive. In Foth, a mobile device 
(client) communicates with an adaptor, which then communicates with a data center 
(data repository) to retrieve documents for printing (paragraph 23). The adaptor can be 
internal to a printer (paragraphs 20, 22), which allows the printer to act as the 
intermediate server communicating with the data repository as claimed in claim 1 . 
Therefore, the printer with the internal adaptor does communicate with the data center 
(data repository) to retrieve documents for the mobile device (client). Furthermore, it is 
not believed that Foth teaches away from delegation credentials. This argument is not 
found persuasive. Foth contains an intermediary (the printer with the built-in adaptor). 
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which communicates on the mobile device's (client's) behalf to a data center. In 
McGarvey et ai (U.S. Patent Pub. No. US 2003/0028773), a delegation credential is 
used by a middle-tier server to authenticate to a server of a plurality of servers (pages 
4-5: paragraphs 45-52). The delegation credential scheme of McGarvey would make 
the system of Foth more secure, because just instead of relaying the credentials of the 
client (mobile device), McGarvey sends a credential proving that the intermediary server 
(printer with adaptor) is authorized to access the documents on the client's behalf. 
Therefore, since Foth teaches an intermediary server (printer with built-in adaptor) 
acting on a client's behalf, it is believed to be analogous art to McGarvey, and therefore, 
does not teach away from the use of delegation credentials. 



Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, If the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-10, 12-19 are rejected under 35 U.S.C. 103(a) as being unpatentable 

over Foth (U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey 

etal. (U.S. Patent Application Publication No. 2003/0028773). 



Regarding claim 1. Foth discloses: 
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In a client-server-document repository system, a secure method for remote 
action by reference, comprising: 

'^establishing a communication ctiannel directly between the client and the 
server via one of a wireless link and a landline ' (paragraph 23); 

^'sending, from the client to the server, user credentials to release a 
document stored in the document repository and the address of the document 
(page 2: paragraphs 23-24); 

''verifying, at the server, the user's credentiar (page 2: paragraphs 23-24); 

"/f verified, sending, from the server to the document repository, server 
credentials, and the address of the document (page2: paragraphs 23-24) 

''verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"if verified, sending the document from the document repository to the 
served (page 2: paragraph 24); and 

"if verified, performing the action on the document at the servef (page 2: 
paragraph 24). 

Foth does not explicitly disclose the method of "using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an 
action on the document. McGarvey discloses using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an action on 
the document (page 4-5: paragraphs 45-52). McGarvey delineates a client sending a 
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signed credential to a middle-tier server (server), which then sends the credential to a 
back-end server (document repository) for authentication on behalf of the client. 
McGarvey states that tiered network approaches are common, whereby in a tiered 
approach, the originator for a unit of work communicates via a client program, which 
then communicates with a middle-tier server (i.e. a web server) which then can access 
a database or other resource managers (i.e. document repository) (page 1 : paragraph 
2). McGarvey further states that "such a tiered approach to network applications may 
create a need for the secure propagation of security credentials of the request originator 
through each of the tiers of the application" (page 1 : paragraph 3) and that "in such 
propagation of secure credentials, the request originator delegates to middle-tier 
servers the authority to access other servers on their behalf (page 1 : paragraph 3). 
Foth and McGarvey are analogous arts in that both deal with a tiered approach to 
access information from a back-end server (document repository) by going through a 
middle-tier server. The middle-tier server as applied to Foth would be the printer with 
the built in adaptor, and the back-end server would be the document repository where 
the document that is requested to be printed resides. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to use the 
delegation credentials provided by McGarvey in conjunction with the user and server 
credentials of Foth, to allow the propagation of security credentials by allowing the 
middle-tier server to act on behalf of the client in accessing the back-end servers. 



Claim 2 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 



Application/Control Number: 10/001 .449 Page 6 

Art Unit: 2131 

The method of claim 1 . wherein "the server comprises a printef (page 2: 
paragraph 20). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1 , wherein ''the server comprises a multi-function device 
for printing, faxing and scanning" (page 2: paragraph 20). 

Claim 4 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , further comprising "establishing a secure connection 
between the client and server prior to sending the user credentials, delegation 
credential and address of the document (page 2: paragraph 21 ). 

Claim 5 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , wherein "the document addreess comprises a URL" 

(page 2: paragraph 23). 

Claim 6 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , wherein the delegation credential comprises: 
"URL of the server"' (page 2: paragraphs 23-24); 
"URL of the document to be fetched' (page 2: paragraphs 23-24); 

Foth does not explicitly disclose a certificate signed by the client, the delegator. 

delegatee, and the access rights delegated to the server. McGarvey discloses a 
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credential which has a pre-nonce token which contains the identity of the middle-tier 
server (page 4: paragraph 47), a nonce signed by the client (digital certificate), and a 
random number which can be used for designating the rights of the server by containing 
an expiration date (pages 4-5: paragraphs 47-52). 

Claim 7 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , wherein the client comprises "a mobile device" (page 2: 
paragraph 21). 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 
The method of claim 7, wherein the mobile device comprises "a PDA" (page 2: 
paragraph 21). 

Claim 9 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 

The method of claim 7, wherein the mobile device comprises "a cell phone" 
(page 2: paragraph 21). 

Claim 10 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose the delegation credential including a time limit, wherein 
upon expiration of the time limit, the server's permissions expire. McGarvey discloses a 
random number, which has an expiration date, and at the back-end server, if it is 
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determined that the random number received from the middle-tier server is expired, the 
delegation credential is not authenticated. 

Claim 12 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose that the delegation credential comprises a Satchel 
token. McGarvey discloses that the delegation credential includes a pre-nonce token 
which is used for authenticating to a back-end server. 

Claim 13 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 , 
Foth does not explicitly disclose that the delegation credential comprises an SPKI 
certificate. McGarvey discloses that the delegation credential includes a nonce signed 
digitally signed by a user. 

Claim 14 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 , wherein "the server comprises a printer" (page2: 
paragraph 20) and the action comprises "printing ttie document' (page 2: paragraph 
24) and wherein the verifying step comprises "verifying if the client has rights on the 
printer and if not sending an error message to the client (page 2: paragraph 23). 
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Claim 15 is rejected as applied above in rejecting claim 14. Furthermore, Foth 
discloses: 

The method of claim 14. Foth does not explicitly state "verifying, at the printer, if 
sufficient media is available." However, it was well-known in the art at the time the 
invention was made, that every time a print job is sent to a printer, that the printer 
checks if it has sufficient memory to process the request. Therefore it would have been 
obvious to one of ordinary skill in the art at the time the invention was made, to check 
for sufficient media before commencing the print job. 

Claim 16 is rejected as applied above in rejecting claim 15. Furthermore, Foth 
discloses: 

The method of claim 15. Foth does not explicitly disclose "upon printing the 
document, sending the client a notice." However, it was well-known in that art at the 
time of invention was made, that when a print job is completed, a notice will be sent to 
the client. Foth discloses a "secure retrieval of documents" (Abstract) which would 
imply that a user would know exactly when the print job was completed. Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made, to have the server send the client a notice when printing had completed. 

Claim 17 is rejected as applied above in rejecting claim 3. Furthermore, Foth discloses: 
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The method of claim 3, wherein ''the delegation credential includes the 
client's access rights associated with the document and constraints on the 
server" {page 2: paragraph 23). 

Claim 18 is rejected as applied above in rejecting claim 17. Furthermore, Foth 

discloses: 

The method of claim 17, wherein "the client's access rights include printing, 
faxing, copying, and fetching" (page 2: paragraph 23-24). 
Foth does not explicitly disclose the server's constraints include a predetermined 
number of copies that may be made and a predetermined period of time in which 
actions on the document maybe provided." McGarvey discloses a random number, 
which has an expiration date, and at the back-end server, if it is determined that the 
random number received from the middle-tier server is expired, the delegation 
credential is not authenticated. 

Regarding claim 19, Foth discloses: 

In a client-server-document repository system, a secure method for remote 
action by reference, comprising: 

"establishing a communication channel directly between the client and the 
server via one of a wireless link and a landline" (paragraph 23); 
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"sending, from the client to ttie server, user credentials to release a 
plurality of documents stored in the document repository and the address of the 
document (page 2: paragraphs 23-24); 

"verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 

"if verified, sending, from the server to the document repository, server 
credentials, and the address of the document (page2: paragraphs 23-24) 

"verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"if verified, sending the document from the document repository to the 
server" {page 2: paragraph 24); and 

"performing the action on the document at the server"' (page 2: paragraph 24). 
Foth does not explicitly disclose the method of "using a plurality of delegation 
credentials In conjunction with user and server credentials to permit the server to 
perform an action on the document on the user's behalf. McGarvey discloses 
using a delegation credential in conjunction with user and server credentials to permit 
the server to perfomi an action on the document (page 4-5: paragraphs 45-52). 
McGarvey delineates a client sending a signed credential to a middle-tier server 
(server), which then sends the credential to a back-end server (document repository) for 
authentication on behalf of the client. A plurality of credentials can be sent if there is a 
plurality of documents that need to be retrieved. McGarvey states that tiered network 
approaches are common, whereby in a tiered approach, the originator for a unit of work 
communicates via a client program, which then communicates with a middle-tier server 
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(i.e. a web server) which then can access a database or other resource managers (i.e. 
document repository) (page 1 : paragraph 2). McGarvey further states that "such a 
tiered approach to network applications may create a need for the secure propagation 
of security credentials of the request originator through each of the tiers of the 
application" (page 1 : paragraph 3) and that "in such propagation of secure credentials, 
the request originator delegates to middle-tier servers the authority to access other 
servers on their behalf (page 1 : paragraph 3). Foth and McGarvey are analogous arts 
in that both deal with a tiered approach to access information from a back-end server 
(document repository) by going through a middle-tier server The middle-tier server as 
applied to Foth would be the printer with the built in adaptor, and the back-end server 
would be the document repository where the document that is requested to be printed 
resides. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to use the delegation credentials provided by McGarvey in 
conjunction with the user and server credentials of Foth, to allow the propagation of 
security credentials by allowing the middle-tier server to act on behalf of the client in 
accessing the back-end servers. 

Regarding claim 20, Foth discloses: 

In a client-server-document repository system, a secure method for remote 
action by reference, comprising: 

"establishing a communication channel directly between the client and the 
server via one of a wireless link and a landllne" (paragraph 23); 
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"sending, from the client to the server, user credentials to release a 
document stored in the document repository and the address of the document 
(page 2: paragraphs 23-24); 

"verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 

"if verified, sending, from the server to the document repository, server 
credentials, and the address of the document (page2: paragraphs 23-24) 

"verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"if verified, sending the document from the document repository to the 
server'' (page 2: paragraph 24); and 

"if verified, performing the action on the document at the server^' (pag^ 2: 
paragraph 24). 

Foth does not explicitly disclose the method of "using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an 
action on the document. McGarvey discloses using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an action on 
the document (page 4-5: paragraphs 45-52). McGarvey delineates a client sending a 
signed credential to a middle-tier server (server), which then sends the credential to a 
back-end server (document repository) for authentication on behalf of the client. 
McGarvey states that tiered network approaches are common, whereby in a tiered 
approach, the originator for a unit of work communicates via a client program, which 
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then communicates with a middle-tier server (I.e. a web server) which then can access 
a database or other resource managers (i.e. document repository) (page 1: paragraph 
2). IVIcGarvey further states that "such a tiered approach to network applications may 
create a need for the secure propagation of security credentials of the request originator 
through each of the tiers of the application" (page 1 : paragraph 3) and that "in such 
propagation of secure credentials, the request originator delegates to middle-tier 
servers the authority to access other servers on their behalf (page 1 : paragraph 3). 
Foth and McGarvey are analogous arts in that both deal with a tiered approach to 
access information from a back-end server (document repository) by going through a 
middle-tier server. The middle-tier server as applied to Foth would be the printer with 
the built in adaptor, and the back-end server would be the document repository where 
the document that is requested to be printed resides. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to use the 
delegation credentials provided by McGarvey in conjunction with the user and server 
credentials of Foth, to allow the propagation of security credentials by allowing the 
middle-tier server to act on behalf of the client in accessing the back-end servers. 

4. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Foth 
(U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey et al. (U.S. 
Patent Application Publication No. 2003/0028773) and further in view of Taniguchi et al. 
(U.S. Patent 6,801,962). 
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Claim 1 1 is rejected as applied above in rejecting claim 1 . The Foth-McGarvey 
combination does not explicitly teach that a delegation credential is used for authorizing 
payment for the action, sending the delegation credential to a payment provider, and 
verifying the credentials at the payment provider. Taniguchi discloses a mobile device 
in communication with a server, whereby the user authenticates to the server, and a 
print job is processed by request from the user, and the printing of the document is 
charged allowing a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(column 2 lines 20-43). The Foth-McGarvey combination teaches sending a delegation 
credential from a client to a server, and sending a delegation credential from a middle- 
tier server to a back-end server, and verifying the delegation credential and the server 
credential at the back-end server. Foth-McGarvey and Taniguchi are analogous arts as 
all deal with servers, and Taniguchi deals with printing using a mobile device in the 
same manner as Foth. It is obvious that the back-end sen/er can be a billing sen/er 
(payment provider), and the user can delegate the server to act on its behalf using the 
same logic described in rejecting claim 1, to provide payment. Therefore it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to use 
the payment process disclosed by Taniguchi in conjunction with the system of Foth- 
McGarvey to allow a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(Taniguchi, column 2 lines 20-43). 
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Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .1 36(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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information regarding tlie status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more infonnation about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

KA 

07/17/2006 
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